Microsoft’s October Patch Tuesday addresses three critical security vulnerabilities in the Windows DNS client in Windows 8, Windows 10, and Windows Server 2012 and 2016. The vulnerabilities affect the Microsofts implementation of one of the data record features used in the secure Domain Name System protocol, DNSSEC. An insider or an external attacker is in the condition to run a man-in-the-middle attack to intercept DNS requests from the victim’s machine could exploit the flaw. Microsoft fixed the flaw by releasing the KB4042895 security update (OS Build 10240.17643)”]
Source: http://securityaffairs.co/wordpress/64137/hacking/dnssec-zero-days-flaws.html